Related Articles

Small business owners implement a range of traditional security measures to prevent or minimize the negative impact of security events, such as lost revenues due to the theft of inventory. For example, site security measures define a company's physical boundaries and deter, detect or delay an intruder's entry. In turn, security technology, such as an intruder detection system, can inform business personnel of an impending theft. Equally important, office security serves to identify dishonest employees who commit fraud and embezzlement, whereas transport security counters employees' efforts to steal or destroy inventory.

Purpose of Traditional Security

A security event, such as fraud or theft, undermines the performance of a small business and impacts its bottom line. Your business costs include not only the value of the stolen or destroyed property, but the expense from lost sales and structural damage repair. In addition, a small business may lose earnings due to an interruption in an accounting process resulting from the theft or destruction of computers and associated equipment. Equally significant are the financial, staffing and team losses incurred due to injuries sustained by employees during a security event, such as an explosion. And depending on the type of business, a security event can damage your company's reputation, causing further financial stress in the form of lost accounts.

Site Security

Physical security places obstacles in the way of those determined to gain unauthorized entry to a protected area, such as a business site, office or warehouse. Types of physical security include fences, locks, physical barriers and uniformed guards. Closed-circuit television and intruder alarms are also used for site security. Physical security often reflects the “defense in depth” concept, which refers to the use of multiple security mechanisms to protect assets. For example, an intruder entering a company site might first encounter well-lit grounds and then physical barriers, such as fences and concrete barriers,. The intruder might then be met with locked doors and windows, safes and vaults.

Alarms, Intrusion Detection and Access Control

Security technology, including alarms, intrusion detection systems and access control systems protect a business's premises during non-working hours by first detecting an intruder as soon as possible after he attempts entry to a protected area, then by notifying the police or private security agencies tasked with responding to a security alert. Types of alarms include perimeter alarms, fence-mounted alarm systems, free-standing systems and building perimeter alarms. In turn, access control systems mitigate theft by limiting access to business assets on a “need-to-be-there” principle. Assets are placed in protected areas, and access to these areas is limited to authorized personnel by means of mechanical locks and electronic control systems – biometrics, card or token systems – or supervised control points.

Office Security

The lifeblood of a small business, its accounting process, is at risk due to employees or contractors who embezzle funds or commit fraud. For example, an employee might create fictitious invoices, issue checks for payment of those invoices and deposit the checks to his own accounts. In addition, a payroll clerk might issue payroll checks to accounts in the names of fictitious employees that the clerk controls. Defenses against such crimes include the security technology and physical security described earlier, which limit access to particular areas during particular hours. Additional deterrents include personnel security, such as pre-employment checks. Also effective are internal controls such as accounting policies and procedures and the enforcement of sanctions against those who violate the policies. In addition, internal audits identify a lack of compliance with procedures designed to deter fraud. Complementing these traditional security measures are software, communications, hardware and network security measures, generally referred to as computer security. For example, antivirus software protects computers and networks from viruses, and encrypted transmissions protect Web-based monetary transactions. In turn, whereas passwords prevent unauthorized access to hardware, software and networks, encrypted transmissions prevent the unauthorized access to company communications.

Transport Security

A privileged insider status, such as the role of a shipping clerk or a purchasing agent, can be used by a dishonest employee to steal from his employer. According to the National Retail Mutual Association, retailers suffered $15.9 billion in losses due to internal theft in 2010. A portion of these losses might be prevented if a small business deploys adequate physical security measures to protect warehoused goods and implements appropriate security policies, such as a “stop-and-search” policy that prevents an unauthorized individual from leaving a location with business assets.

References (7)

Handbook of Business Security: A Practical Guide to Managing the Security Risk; Keith Hearnden

About the Author

Billie Nordmeyer works as a consultant advising small businesses and Fortune 500 companies on performance improvement initiatives, as well as SAP software selection and implementation. During her career, she has published business and technology-based articles and texts. Nordmeyer holds a Bachelor of Science in accounting, a Master of Arts in international management and a Master of Business Administration in finance.